These papers were taken from the Honeynet Project. The honeyney project also has translated papers available in Francais, Deutsch, suomi, Slovene, Korean, Russian, Italian, Spanish, Chinese, and Polski.

Know Your Enemy - 7/21/00
The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can better protect your systems and network.

Know Your Enemy || - 6/18/01
How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap.

Know Your Enemy |||- 3/27/00 What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that was compromised, with system logs and keystrokes to verify each step.


Know Your Enemy: A Forensics Analysis - 5/23/00 This paper studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we focus on our analysis techniques and how we pieced the information together. The purpose is to give you the skills necessary to analyze and learn on your own the threats your organization faces. MSNBC has released an interactive, online video of the this paper.

Know Your Enemy: Motives - 6/27/00
This paper studies the motives and psychology of the black-hat community, in their own words

Know Your Enemy: Worms at War - 11/7/00 See how worms probe for and compromise vulnerable Microsoft Windows systems. Based on the first Microsoft honeypot compromised in the Honeynet Project.

Know Your Enemy: Passive Fingerprinting - 3/2/02 This paper details how to passively learn about the enemy, without them knowing about it. Specifically, how to determine the operating system of a remote host using passive sniffer traces only.

Know Your Enemy: Honeynets - 1/14/02 This paper focuses on what a Honeynet is, its value to the security community, how it works, and the risks/issues involved. This paper has been updated to include GenI, GenII, and Virtual Honeynet technologies/

Know Your Enemy: Statistics - 7/23/01 This paper analyzes eleven months of data collected by the Honeynet Project. Based on this data, we demonstrate just how active the blackhat community is. We also demonstrate that it may be possible to predict future attacks.

Armoring Linux - 8/18/00
Preparing your linux box for the Internet

Remote_Access_